PHPRecipeBook version 2.24 suffers from a remote SQL injection vulnerability.
610a811c527263217bdf3030b7f78ca1dff61c93540f8c74ba0bee1df21cbbad
Apparently a simple TCP connection to port 53 of a Siemens Gigaset SE461 WiMAX router causes a denial of service condition.
85af3098b153a8de4dff6464bbdc089d9829be7754c7439a69ad8b59c84af6a6
Simple script to crack MD5 signatures. Needs a dictionary file, of course.
694c975d932707afab3b31c98cb2d114441cee8ca9f3a16271d82f31b00977dc
Simple perl script for bruteforcing tables on a SQL injection vulnerability.
61f9cf129529caa23632ac1c923547a9caddf55ff6b956bd629704d1744426c2
Simple perl script for checking a variable for local file inclusion.
7a89062aa2bc8ae5f5a76310fae76750c8558091805e968453b79a0c4e154f85
Simple perl script for checking a variable for remote file inclusion.
d955aa7ad17d48675b1f1e7e68d98580628e35110797410881c17f73ad6f7a7c
Secunia Research has discovered a vulnerability in Foxit Reader, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by an error when processing JBIG2 symbol dictionary segments. This can be exploited to dereference uninitialized memory via a specially crafted PDF file. Successful exploitation may allow execution of arbitrary code.
6ef4c16836c7610b92f1a0cb927a41ff77eee2ce316d8f26ef48ae1ddf06098c
CS-Cart version 2.0.0 Beta 3 suffers from a remote SQL injection vulnerability.
4cb41ade481056f26106b2b123c9b4430ba4367f7b2165bb03ee03e13f42331c
adsuck is a small DNS server that spoofs blacklisted addresses and forwards all other queries. The idea is to be able to prevent connections to undesirable sites such as ad servers, crawlers, etc. It can be used locally, for the road warrior, or on the network perimeter in order to protect local machines from malicious sites.
9eab21f007c36ee4fc591c85a282fde043487740273d77c93beaab4492a45686
mks_vir 9 BETA versions below 1.2.0.0 build 297 local privilege escalation exploit.
7016311d5427e6cede2f1c1fe336eb5e13386dfa2d08a829097ee9e12a1e7bc7
Nokia Multimedia Player version 1.0 playlist universal SEH overwrite exploit that spawns calc.exe.
d7f6e75a11628fccd1cccdb0f94b9fb076ef27c76d5429810a3f86623eb6d43c
Gentoo Linux Security Advisory GLSA 200903-14 - Incomplete verification of RSA and DSA certificates might lead to spoofed records authenticated using DNSSEC. BIND does not properly check the return value from the OpenSSL functions to verify DSA (CVE-2009-0025) and RSA (CVE-2009-0265) certificates. Versions less than 9.4.3_p1 are affected.
65d79671fc4d8b5e91d51aac2cfeae01b0fa6697d3ac98832479ee8f3cd10005
Gentoo Linux Security Advisory GLSA 200903-13 - Multiple buffer overflows in MPFR might lead to a Denial of Service. Multiple buffer overflows have been reported in the mpfr_snprintf() and mpfr_vsnprintf() functions. Versions less than 2.4.1 are affected.
00630dfb4d8532a9d36cd433bd5c10f019460632da2383b49fa591e1173a8be1
Gentoo Linux Security Advisory GLSA 200903-12 - A vulnerability in OptiPNG might result in user-assisted execution of arbitrary code. Roy Tam reported a use-after-free vulnerability in the GIFReadNextExtension() function in lib/pngxtern/gif/gifread.c leading to memory corruption when reading a GIF image. Versions less than 0.6.2-r1 are affected.
4276d2ceb988241a348b65387b53b2c25e279880943ccc7bb9dffaa60c84311e
Gentoo Linux Security Advisory GLSA 200903-11 - A buffer overflow in PyCrypto might lead to the execution of arbitrary code when decrypting using ARC2. Mike Wiacek of the Google Security Team reported a buffer overflow in the ARC2 module when processing a large ARC2 key length. Versions less than 2.0.1-r8 are affected.
b48dbee97d58e7d9d714c39584306a242eaadaab6a4dbf64fc7783df14fab56b
Realtek Sound Manager version 1.15.0.0 playlist SEH overwrite exploit.
f71b6f8aa931b4bd368ffd26d25973fc1447da425b329a90ded08cf4722b3902
GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP specific capabilities such as presence and messaging. It supports secure telephone extensions for making calls over the Internet, and intercept/decrypt-free peer-to-peer audio and video extensions. It is not a SIP proxy, a multi-protocol telephone server, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.
09681117081f8045e64ab36cd5b79f1cb8a032b665588a392da6008aded1c0bc
EO Video version 1.36 playlist SEH overwrite exploit.
2356a9f5ba08842575987b6b361a6aa9f1d8850ef09dc39e2a5403df3eac97e5
Guk CMS suffers from a remote SQL injection vulnerability.
1968503c11a1bd370b798853a5f7559ba1a6fc90f39725f5f6371fc59d552c83
phpCommunity 2 version 2.1.8 suffers from remote SQL injection, directory traversal, and cross site scripting vulnerabilities.
440a26183e69646d7610d0a76130e39880614d2be25c4f94aa5d423ea4131fac
CMS S.Builder versions 3.7 and below suffer from a remote file inclusion vulnerability.
3627aea474600f160c884b2c224920abf37f13169c435bae5b193e28ddc8de56
Belkin BullDog Plus UPS-Service buffer overflow exploit that binds a shell to port 4444.
b618160c09e59803fe7c32c8d7abf7d6978e1c98bf9aa4e15cfffb8fc6be6a40
Secunia Security Advisory - Gentoo has issued an update for openttd. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
ef96f7eede507c7603e74992cacae924a5e5bd90d360a4a026bcc2968afd1ca7
Secunia Security Advisory - Fedora has issued an update for networkmanager. This fixes two security issues, which can be exploited by malicious, local users to manipulate certain data and disclose potentially sensitive information.
05d2934f725e2a05825dd724172a26353c51df6c516904000c9b01bcfbfd8b65
Secunia Security Advisory - Gentoo has issued an update for openswan. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
1504bcb694ed0d86bb67ceca8a0e11458d6c2f0f35badb041373852291f582a0